High severity8.2NVD Advisory· Published Jul 24, 2018· Updated Jun 17, 2026
CVE-2018-11059
CVE-2018-11059
Description
RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application users access the corrupted data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application.
Affected products
2- Range: next of 6.4.0.1
Patches
Vulnerability mechanics
References
3- seclists.org/fulldisclosure/2018/Jul/69nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/104892nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041359nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.